fix: auto-login after checkout, ThankYou guest buttons, forgot password page
1. Auto-login after checkout: - Added wp_set_auth_cookie() and wp_set_current_user() in CheckoutController - Auto-registered users are now logged in when thank-you page loads 2. ThankYou page guest buttons: - Added 'Login / Create Account' button for guests - Shows for both receipt and basic templates - No more dead-end after placing order as guest 3. Forgot password flow: - Created ForgotPassword page component (/forgot-password route) - Added forgot_password API endpoint in AuthController - Uses WordPress retrieve_password() for reset email - Replaced wp-login.php link in Login page
This commit is contained in:
Dwindi Ramadhana
@@ -186,4 +186,48 @@ class AuthController {
|
||||
],
|
||||
], 200 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Forgot password endpoint - sends password reset email
|
||||
*
|
||||
* @param WP_REST_Request $request Request object
|
||||
* @return WP_REST_Response Response object
|
||||
*/
|
||||
public static function forgot_password( WP_REST_Request $request ): WP_REST_Response {
|
||||
$email = sanitize_email( $request->get_param( 'email' ) );
|
||||
|
||||
if ( empty( $email ) || ! is_email( $email ) ) {
|
||||
return new WP_REST_Response( [
|
||||
'success' => false,
|
||||
'message' => __( 'Please enter a valid email address', 'woonoow' ),
|
||||
], 400 );
|
||||
}
|
||||
|
||||
// Check if user exists
|
||||
$user = get_user_by( 'email', $email );
|
||||
|
||||
if ( ! $user ) {
|
||||
// For security, don't reveal if email exists or not
|
||||
// But still return success to prevent email enumeration attacks
|
||||
return new WP_REST_Response( [
|
||||
'success' => true,
|
||||
'message' => __( 'If an account exists with this email, you will receive a password reset link.', 'woonoow' ),
|
||||
], 200 );
|
||||
}
|
||||
|
||||
// Use WordPress's built-in password reset functionality
|
||||
$result = retrieve_password( $user->user_login );
|
||||
|
||||
if ( is_wp_error( $result ) ) {
|
||||
return new WP_REST_Response( [
|
||||
'success' => false,
|
||||
'message' => __( 'Failed to send password reset email. Please try again.', 'woonoow' ),
|
||||
], 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( [
|
||||
'success' => true,
|
||||
'message' => __( 'Password reset email sent! Please check your inbox.', 'woonoow' ),
|
||||
], 200 );
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user